Acer Philippines confirmed that employee data was stolen in an attack on a third-party vendor who manages the company’s employee attendance data after a threat actor leaked the data on a hacking forum. […]
Windows 11 KB5035853 update released, here’s what’s new
Microsoft has released the KB5035853 cumulative update for Windows 11 23H3 and 22H2, with 21 fixes and changes, including fixing a bug causing 0x800F0922 errors when installing updates. […]
Windows 10 KB5035845 update released with 9 new changes, fixes
Microsoft has released the KB5035845 cumulative update for Windows 10 21H2 and Windows 10 22H2, which includes nine new changes and fixes. […]
Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs
Today is Microsoft’s March 2024 Patch Tuesday, and security updates have been released for 60 vulnerabilities, including eighteen remote code execution flaws. […]
Tor’s new WebTunnel bridges mimic HTTPS traffic to evade censorship
The Tor Project officially introduced WebTunnel, a new bridge type specifically designed to help bypass censorship targeting the Tor network by hiding connections in plain sight. […]
Google paid $10 million in bug bounty rewards last year
Google awarded $10 million to 632 researchers from 68 countries in 2023 for finding and responsibly reporting security flaws in the company’s products and services. […]
Over 12 million auth secrets and keys leaked on GitHub in 2023
GitHub users accidentally exposed 12.8 million authentication and sensitive secrets in over 3 million public repositories during 2023, with the vast majority remaining valid after five days. […]
Watch Out: These PyPI Python Packages Can Drain Your Crypto Wallets
Threat hunters have discovered a set of seven packages on the Python Package Index (PyPI) repository that are designed to steal BIP39 mnemonic phrases used for recovering private keys of a cryptocurrency wallet.
The software supply chain attack campaign has been codenamed BIPClip by ReversingLabs. The packages were collectively downloaded 7,451 times prior to them being removed from
The software supply chain attack campaign has been codenamed BIPClip by ReversingLabs. The packages were collectively downloaded 7,451 times prior to them being removed from
CTEM 101 – Go Beyond Vulnerability Management with Continuous Threat Exposure Management
In a world of ever-expanding jargon, adding another FLA (Four-Letter Acronym) to your glossary might seem like the last thing you’d want to do. But if you are looking for ways to continuously reduce risk across your environment while making significant and consistent improvements to security posture, in our opinion, you probably want to consider establishing a Continuous Threat Exposure
Malware Campaign Exploits Popup Builder WordPress Plugin to Infect 3,900+ Sites
A new malware campaign is leveraging a high-severity security flaw in the Popup Builder plugin for WordPress to inject malicious JavaScript code.
According to Sucuri, the campaign has infected more than 3,900 sites over the past three weeks.
“These attacks are orchestrated from domains less than a month old, with registrations dating back to February 12th, 2024,” security researcher
According to Sucuri, the campaign has infected more than 3,900 sites over the past three weeks.
“These attacks are orchestrated from domains less than a month old, with registrations dating back to February 12th, 2024,” security researcher